SlideShare una empresa de Scribd logo

Cyber security of power grid

Descargar como PPTX, PDF
P K Agarwal
P K Agarwal

Concern in cyber security of power grid, available standard and way forward.

Tecnología
1 de 30
CYBER SECURITY of POWER GRID P.K.Agarwal, Addtional General Manager, Power System Operation Corporation
22-Feb-2012 2 SCADA Hacking News
Convergence of Information Technology and Operation Technology. 22-Feb-2012 3 Enterprise Systems Web Applications Control Systems Protection Systems Information Technology Operations Technology AMI DSM OMS GIS Smart Grid Technology Concerns of Cyber Security
-: Need of Data Sharing :- -: Increased use of digital information :- -: Two way flow of information for Power Grid :- 22-Feb-2012 4 Markets Generation Transmission Distribution Customer Service Providers Flow of Electricity Flow of Information
Concerns with regard to security of power grid solutions. Existing standards for system security under a smart grid environment for System Operator. Challenges of integrating new technologies with legacy systems. Roadmap for technology adoption required for network security in smart grid environment. 22-Feb-2012 5 Agenda
Concerns with regard to security of power grid solutions. 22-Feb-2012 6
Cyber Security in Power Grid 22-Feb-2012 7 ThreatsRequirements Confidentiality Integrity Availability Non- Repudiation Unauthorised access to Infomation Unauthorised Modification or Theft of Infomation Denial of Service or Prevention of Authorised Access Accountability: Denial of Action That took place, or claim of Action that did not take place
Concerns • Current power grid depends on complex network of computers, software and communication technologies. • If compromised, have the potential to cause great damages. • A cyber attack has the unique in nature that it can be launched through – public network – from a remote location – Form any where in the world. – Coordinated to attack many locations 22-Feb-2012 8
More Concerns • The legacy communication method used for grid operations also provide potential cyber attack paths. • Many cyber vulnerabilities in Supervisory Control and Data Acquisition (SCADA) System have been surfaced. • Level of automation in substations is increasing, which can lead more cyber security issues. • Recent study have shown that the deployed components have significant cyber vulnerabilities.22-Feb-2012 9
Still More Concerns • Efforts of energy sector to uncover system vulnerabilities develop effective countermeasures have prevented serious damages to electric supply chain. • Some of these vulnerabilities are in the process of being mitigated. • However, attack on energy control systems have been successful in many cases. 22-Feb-2012 10
Existing standards for system security under a smart grid environment for system operators. 22-Feb-2012 11
Standards and Framework • ISO/IEC 27001- Information Security Management System. • NERC-CIP Standards - Critical Infrastructure Protection Standard. • NIST IR 7628 – Guidelines for Smart Grid Cyber Security. • IEC 62351 Series Security Standards Standards 22-Feb-2012 12
ISO/IEC 27001 - ISMS • Information Security Management System Standard. • Published by International Organization for Standards and International Electro technical Commission. • Information technology -- Security techniques -- Information security management systems -- Requirements. • Formally specifies a management system that is intended to bring information security under explicit management control.22-Feb-2012 13
NERC – CIP Standards • Critical infrastructure protection (CIP) is a concept by North American Reliability Corporation (NERC). • Efforts to improve physical and cyber security for the bulk power system of North America. • include standards development, compliance enforcement, assessments of risk and preparedness • provide a cyber security framework for the identification and protection of Critical Cyber Assets to support reliable operation of the Bulk22-Feb-2012 14
CIP-001 Sabotage Reporting CIP-002 Critical Cyber Asset Identification CIP-003 Security Management Controls CIP-004 Personnel & Training CIP-005 Electronic Security Perimeter(s) CIP-006 Physical Security of Critical Cyber Assets CIP-007 Systems Security Management CIP-008 Incident Reporting and Response Planning CIP-009 Recovery Plans for Critical Cyber Assets 22-Feb-2012 15 NERC – CIP Standards Series
NIST IR-7628 Guidelines for Smart Grid Cyber Security. • Advisory guidelines – neither prescriptive nor mandatory • Intended to facilitate efforts to develop:- – A cyber Security Strategy – Effectively focused on • Prevention • Detection • Response and • Recovery 22-Feb-2012 16
NIST IR-7628 Guideline The three-volume reports of Guidelines for Smart Grid Cyber Security are:- • Volume 1 - Smart Grid Cyber Security Strategy, Architecture, and High-Level Requirements • Volume 2 - Privacy and the Smart Grid • Volume 3 - Supportive Analyses and References Freely available at http://csrc.nist.gov/publications/nistir 22-Feb-2012 17
IEC-62351 Standards • Communication protocols are one of the most critical parts of power system operations. • Communication protocols developed by TR 57 are:- – IEC 60870-5 – 101, 102, 103, 104 – IEC 60870-6 – TASE.2 – IEC 61850 • These were very specialized, rely on “Security by Obscenity” – now no longer valid. 22-Feb-2012 18
IEC-62351 Standards Series • Series provides provides a frame work for security of existing power system protocols:- – IEC 62351-1 : Introduction and overview – IEC 62351-2 : Glossary of Terms – IEC 62351-3 : Profiles including TCP/IP – IEC 62351-4 : Profiles including MMS – IEC 62351-5 : Security for IEC 60870-5 & derivatives – IEC 62351-6 : Security for 61850 Profiles – IEC 62351-7 : Management Information Base Requirements for End-to-End Network Management 22-Feb-2012 19
Correlation between IEC 62351 and Power System Protocols 22-Feb-2012 20 IEC 62351-1 : Introduction IEC 62351-2 : Glossary IEC 62351-3 : Profiles Including TCP/IP IEC 62351-4 : Profiles Including MMS IEC 62351-5 : IEC 60870-5 & Derivatives IEC 62351-6 : IEC 61850 IEC 60870-6 TASE.2 IEC62351-7:MIBfor NetworkandSystem Management IEC 61850-8-1 MMS Profiles IEC 60870-5-104 TCP/IP IEC 60870-5-101, 102 and 103 IEC 61850-8-1 GOOSE Profiles IEC 61850-9-2 Profiles Source – IEC 62351- 1 IEC 60870-6 TASE.2
Challenges of integrating new technologies with legacy systems. 22-Feb-2012 21
Legacy System – Silos of Information 22-Feb-2012 22 TOP1 – Operational Information DIST1 - Operational Information DISTx – Operational Information GEN1 - Operational Information GENx - Operational Information TOPx – Operational Information
Smart System – Sharing of Information 22-Feb-2012 23 Transmission Distribution CustomersGeneration AMI DSM System Operations System Operations
Challenges in Integrating 22-Feb-2012 24 Increasing Number Of Systems and Size of Code Base Control Systems Not Designed with Security in Mind Increasing Use of COTS Hardware and Software New Customer Touch Points into Utilities New 2-Way Systems (e.g. AMI, DSM) Increasing Interconnection and Integration Increased Attack Surface Increased Risk to Operations
Some Solutions • Air gap between legacy and new system. – Sharing of information through batch transfer. – Not possible in real tim emode. • Publish/Subscribe technology between legacy system and new system. – Information can only be shared if the source system publishes it. • Use of Data-diode technolgy. 22-Feb-2012 25
Challenges of integrating new technologies with legacy systems. 22-Feb-2012 26
Barriers • Cyber threats are unpredictable and evolve faster than the sector’s ability to develop and deploy countermeasures • Security upgrades to legacy systems are limited by inherent limitations of the equipment and architectures • Threat, vulnerability, incident, and mitigation information sharing is insufficient among government and industry • Weak business case for cyber security investment by industry 22-Feb-2012 27
Strategies • Build a culture of security. • Access and Monitor Risks. • Develop and Implement New Protective Measures to reduce Risks. • Manage Incidence. • Sustain Security Improvements. 22-Feb-2012 28
Road Map for Security of Smart Grid • Information Security Management System have been adopted by each regional load dispatch center. • Each RLDC has been certified by International Certifying Body (BSI) for ISO 27001:2005. • SCADA system up gradation is being done with:- – Adoption of IEC 62351 security standards. – Secure connection between SCADA network and Enterprise network for cyber security. – Access control for physical security. 22-Feb-2012 29
22-Feb-2012 30

Recomendados

Smart Grid Cyber Security
Smart Grid Cyber SecuritySmart Grid Cyber Security
Smart Grid Cyber Security
JAZEEL K T
 
Cyber security for the smart grid, Clifford Neuman, Information Sciences Inst...
Cyber security for the smart grid, Clifford Neuman, Information Sciences Inst...Cyber security for the smart grid, Clifford Neuman, Information Sciences Inst...
Cyber security for the smart grid, Clifford Neuman, Information Sciences Inst...
University of Southern California
 
Cyber security in Smart grid system
Cyber security in Smart grid systemCyber security in Smart grid system
Cyber security in Smart grid system
amaljose949563
 
ISA/IEC 62443: Intro and How To
ISA/IEC 62443: Intro and How ToISA/IEC 62443: Intro and How To
ISA/IEC 62443: Intro and How To
Jim Gilsinn
 
Smart grid security
Smart grid securitySmart grid security
Smart grid security
Ahmadreza Ghaznavi
 
Cybersecurity for Smart Grids: Vulnerabilities and Strategies to Provide Cybe...
Cybersecurity for Smart Grids: Vulnerabilities and Strategies to Provide Cybe...Cybersecurity for Smart Grids: Vulnerabilities and Strategies to Provide Cybe...
Cybersecurity for Smart Grids: Vulnerabilities and Strategies to Provide Cybe...
Leonardo ENERGY
 
Basics of Solar PV O&M - Solarig Gensol
Basics of Solar PV O&M - Solarig GensolBasics of Solar PV O&M - Solarig Gensol
Basics of Solar PV O&M - Solarig Gensol
Gensol Engineering Limited
 
Rothke secure360 building a security operations center (soc)
Rothke secure360 building a security operations center (soc)Rothke secure360 building a security operations center (soc)
Rothke secure360 building a security operations center (soc)
Ben Rothke
 

Recomendados

Smart Grid Cyber Security
Smart Grid Cyber SecuritySmart Grid Cyber Security
Smart Grid Cyber Security
JAZEEL K T
 
Cyber security for the smart grid, Clifford Neuman, Information Sciences Inst...
Cyber security for the smart grid, Clifford Neuman, Information Sciences Inst...Cyber security for the smart grid, Clifford Neuman, Information Sciences Inst...
Cyber security for the smart grid, Clifford Neuman, Information Sciences Inst...
University of Southern California
 
Cyber security in Smart grid system
Cyber security in Smart grid systemCyber security in Smart grid system
Cyber security in Smart grid system
amaljose949563
 
ISA/IEC 62443: Intro and How To
ISA/IEC 62443: Intro and How ToISA/IEC 62443: Intro and How To
ISA/IEC 62443: Intro and How To
Jim Gilsinn
 
Smart grid security
Smart grid securitySmart grid security
Smart grid security
Ahmadreza Ghaznavi
 
Cybersecurity for Smart Grids: Vulnerabilities and Strategies to Provide Cybe...
Cybersecurity for Smart Grids: Vulnerabilities and Strategies to Provide Cybe...Cybersecurity for Smart Grids: Vulnerabilities and Strategies to Provide Cybe...
Cybersecurity for Smart Grids: Vulnerabilities and Strategies to Provide Cybe...
Leonardo ENERGY
 
Basics of Solar PV O&M - Solarig Gensol
Basics of Solar PV O&M - Solarig GensolBasics of Solar PV O&M - Solarig Gensol
Basics of Solar PV O&M - Solarig Gensol
Gensol Engineering Limited
 
Rothke secure360 building a security operations center (soc)
Rothke secure360 building a security operations center (soc)Rothke secure360 building a security operations center (soc)
Rothke secure360 building a security operations center (soc)
Ben Rothke
 
SABSA Implementation(Part I)_ver1-0
SABSA Implementation(Part I)_ver1-0SABSA Implementation(Part I)_ver1-0
SABSA Implementation(Part I)_ver1-0
Maganathin Veeraragaloo
 
2021/0/15 - Solarwinds supply chain attack: why we should take it sereously
2021/0/15 - Solarwinds supply chain attack: why we should take it sereously2021/0/15 - Solarwinds supply chain attack: why we should take it sereously
2021/0/15 - Solarwinds supply chain attack: why we should take it sereously
Sirris
 
Cyber security for smart grid
Cyber security for smart grid Cyber security for smart grid
Cyber security for smart grid
Krithika Muthusubramanian
 
Information Security
Information SecurityInformation Security
Information Security
chenpingling
 
Evaluating System-Level Cyber Security vs. ANSI/ISA-62443-3-3
Evaluating System-Level Cyber Security vs. ANSI/ISA-62443-3-3Evaluating System-Level Cyber Security vs. ANSI/ISA-62443-3-3
Evaluating System-Level Cyber Security vs. ANSI/ISA-62443-3-3
Jim Gilsinn
 
Industrial Security.pdf
Industrial Security.pdfIndustrial Security.pdf
Industrial Security.pdf
AhmedRKhan
 
SCADA Security Presentation
SCADA Security PresentationSCADA Security Presentation
SCADA Security Presentation
Filip Maertens
 
Journey to the Center of Security Operations
Journey to the Center of Security OperationsJourney to the Center of Security Operations
Journey to the Center of Security Operations
♟Sergej Epp
 
introduction to Embedded System Security
introduction to Embedded System Securityintroduction to Embedded System Security
introduction to Embedded System Security
Adel Barkam
 
Cyber security in power sector
Cyber security in power sectorCyber security in power sector
Cyber security in power sector
P K Agarwal
 
DG interconnection protection ieee 1547
DG interconnection protection ieee 1547DG interconnection protection ieee 1547
DG interconnection protection ieee 1547
michaeljmack
 
Security Information Event Management - nullhyd
Security Information Event Management - nullhydSecurity Information Event Management - nullhyd
Security Information Event Management - nullhyd
n|u - The Open Security Community
 
Nozomi Networks Q1_2018 Company Introduction
Nozomi Networks Q1_2018 Company IntroductionNozomi Networks Q1_2018 Company Introduction
Nozomi Networks Q1_2018 Company Introduction
Nozomi Networks
 
Three Networks, Different Risks - IT, OT and Engineering
Three Networks, Different Risks - IT, OT and EngineeringThree Networks, Different Risks - IT, OT and Engineering
Three Networks, Different Risks - IT, OT and Engineering
Waterfall Security Solutions
 
El nuevo Esquema Nacional de Seguridad
El nuevo Esquema Nacional de SeguridadEl nuevo Esquema Nacional de Seguridad
El nuevo Esquema Nacional de Seguridad
Miguel A. Amutio
 
Directional relay & Differential relay.pptx
Directional relay & Differential relay.pptxDirectional relay & Differential relay.pptx
Directional relay & Differential relay.pptx
UtthejNani1
 
Cyber Security of Power grids
Cyber Security of Power grids Cyber Security of Power grids
Cyber Security of Power grids
Jishnu Pradeep
 
Microgrids : an indian perspective.
Microgrids : an indian perspective.Microgrids : an indian perspective.
Microgrids : an indian perspective.
Sumit Raturi
 
Cybersecurity Risks for Businesses
Cybersecurity Risks for BusinessesCybersecurity Risks for Businesses
Cybersecurity Risks for Businesses
Alex Rudie
 
Smart grid the future grid
Smart grid the future gridSmart grid the future grid
Smart grid the future grid
subhankar Dash
 
Security challenges to power grid and smart grid infrastructures
Security challenges to power grid and smart grid infrastructuresSecurity challenges to power grid and smart grid infrastructures
Security challenges to power grid and smart grid infrastructures
P K Agarwal
 
Smart Grid Cyber Security Summit Revere
Smart Grid Cyber Security Summit RevereSmart Grid Cyber Security Summit Revere
Smart Grid Cyber Security Summit Revere
hhanebeck
 

Más contenido relacionado

La actualidad más candente

Information Security
Information SecurityInformation Security
Information Security
chenpingling
 
Evaluating System-Level Cyber Security vs. ANSI/ISA-62443-3-3
Evaluating System-Level Cyber Security vs. ANSI/ISA-62443-3-3Evaluating System-Level Cyber Security vs. ANSI/ISA-62443-3-3
Evaluating System-Level Cyber Security vs. ANSI/ISA-62443-3-3
Jim Gilsinn
 
DG interconnection protection ieee 1547
DG interconnection protection ieee 1547DG interconnection protection ieee 1547
DG interconnection protection ieee 1547
michaeljmack
 
Nozomi Networks Q1_2018 Company Introduction
Nozomi Networks Q1_2018 Company IntroductionNozomi Networks Q1_2018 Company Introduction
Nozomi Networks Q1_2018 Company Introduction
Nozomi Networks
 
Directional relay & Differential relay.pptx
Directional relay & Differential relay.pptxDirectional relay & Differential relay.pptx
Directional relay & Differential relay.pptx
UtthejNani1
 

La actualidad más candente (20)

SABSA Implementation(Part I)_ver1-0
SABSA Implementation(Part I)_ver1-0SABSA Implementation(Part I)_ver1-0
SABSA Implementation(Part I)_ver1-0
 
2021/0/15 - Solarwinds supply chain attack: why we should take it sereously
2021/0/15 - Solarwinds supply chain attack: why we should take it sereously2021/0/15 - Solarwinds supply chain attack: why we should take it sereously
2021/0/15 - Solarwinds supply chain attack: why we should take it sereously
 
Cyber security for smart grid
Cyber security for smart grid Cyber security for smart grid
Cyber security for smart grid
 
Information Security
Information SecurityInformation Security
Information Security
 
Evaluating System-Level Cyber Security vs. ANSI/ISA-62443-3-3
Evaluating System-Level Cyber Security vs. ANSI/ISA-62443-3-3Evaluating System-Level Cyber Security vs. ANSI/ISA-62443-3-3
Evaluating System-Level Cyber Security vs. ANSI/ISA-62443-3-3
 
Industrial Security.pdf
Industrial Security.pdfIndustrial Security.pdf
Industrial Security.pdf
 
SCADA Security Presentation
SCADA Security PresentationSCADA Security Presentation
SCADA Security Presentation
 
Journey to the Center of Security Operations
Journey to the Center of Security OperationsJourney to the Center of Security Operations
Journey to the Center of Security Operations
 
introduction to Embedded System Security
introduction to Embedded System Securityintroduction to Embedded System Security
introduction to Embedded System Security
 
Cyber security in power sector
Cyber security in power sectorCyber security in power sector
Cyber security in power sector
 
DG interconnection protection ieee 1547
DG interconnection protection ieee 1547DG interconnection protection ieee 1547
DG interconnection protection ieee 1547
 
Security Information Event Management - nullhyd
Security Information Event Management - nullhydSecurity Information Event Management - nullhyd
Security Information Event Management - nullhyd
 
Nozomi Networks Q1_2018 Company Introduction
Nozomi Networks Q1_2018 Company IntroductionNozomi Networks Q1_2018 Company Introduction
Nozomi Networks Q1_2018 Company Introduction
 
Three Networks, Different Risks - IT, OT and Engineering
Three Networks, Different Risks - IT, OT and EngineeringThree Networks, Different Risks - IT, OT and Engineering
Three Networks, Different Risks - IT, OT and Engineering
 
El nuevo Esquema Nacional de Seguridad
El nuevo Esquema Nacional de SeguridadEl nuevo Esquema Nacional de Seguridad
El nuevo Esquema Nacional de Seguridad
 
Directional relay & Differential relay.pptx
Directional relay & Differential relay.pptxDirectional relay & Differential relay.pptx
Directional relay & Differential relay.pptx
 
Cyber Security of Power grids
Cyber Security of Power grids Cyber Security of Power grids
Cyber Security of Power grids
 
Microgrids : an indian perspective.
Microgrids : an indian perspective.Microgrids : an indian perspective.
Microgrids : an indian perspective.
 
Cybersecurity Risks for Businesses
Cybersecurity Risks for BusinessesCybersecurity Risks for Businesses
Cybersecurity Risks for Businesses
 
Smart grid the future grid
Smart grid the future gridSmart grid the future grid
Smart grid the future grid
 

Destacado

AJ Faxel's Work Photos
AJ Faxel's Work PhotosAJ Faxel's Work Photos
AJ Faxel's Work Photos
AJ Faxel
 
Investorguide Eng
Investorguide EngInvestorguide Eng
Investorguide Eng
tanriverdi
 
ikd312-05-kalkulus-relasional
ikd312-05-kalkulus-relasionalikd312-05-kalkulus-relasional
ikd312-05-kalkulus-relasional
Anung Ariwibowo
 
Effective use of communication tools
Effective use of communication toolsEffective use of communication tools
Effective use of communication tools
Rajendra Sabnis
 
my presentation
my presentationmy presentation
my presentation
guestae089
 

Destacado (20)

Security challenges to power grid and smart grid infrastructures
Security challenges to power grid and smart grid infrastructuresSecurity challenges to power grid and smart grid infrastructures
Security challenges to power grid and smart grid infrastructures
 
Smart Grid Cyber Security Summit Revere
Smart Grid Cyber Security Summit RevereSmart Grid Cyber Security Summit Revere
Smart Grid Cyber Security Summit Revere
 
Webinar - Reducing the Risk of a Cyber Attack on Utilities
Webinar - Reducing the Risk of a Cyber Attack on UtilitiesWebinar - Reducing the Risk of a Cyber Attack on Utilities
Webinar - Reducing the Risk of a Cyber Attack on Utilities
 
Cyber Security in Energy & Utilities Industry
Cyber Security in Energy & Utilities IndustryCyber Security in Energy & Utilities Industry
Cyber Security in Energy & Utilities Industry
 
Scada
ScadaScada
Scada
 
Veena kakati
Veena kakatiVeena kakati
Veena kakati
 
Smart Grid & SCADA Systems
Smart Grid & SCADA SystemsSmart Grid & SCADA Systems
Smart Grid & SCADA Systems
 
Final 1st
Final 1stFinal 1st
Final 1st
 
Security and smart grid what you need to know john chowdhury 2012 final
Security and smart grid what you need to know john chowdhury 2012 finalSecurity and smart grid what you need to know john chowdhury 2012 final
Security and smart grid what you need to know john chowdhury 2012 final
 
Smart Grid Technology
Smart Grid TechnologySmart Grid Technology
Smart Grid Technology
 
Camur 2016-ancash-1
Camur 2016-ancash-1Camur 2016-ancash-1
Camur 2016-ancash-1
 
High Performance Websites By Souders Steve
High Performance Websites By Souders SteveHigh Performance Websites By Souders Steve
High Performance Websites By Souders Steve
 
AJ Faxel's Work Photos
AJ Faxel's Work PhotosAJ Faxel's Work Photos
AJ Faxel's Work Photos
 
Investorguide Eng
Investorguide EngInvestorguide Eng
Investorguide Eng
 
ikd312-05-kalkulus-relasional
ikd312-05-kalkulus-relasionalikd312-05-kalkulus-relasional
ikd312-05-kalkulus-relasional
 
jukran sismintir, nomor 162.a tahun 2011
jukran sismintir, nomor 162.a tahun 2011jukran sismintir, nomor 162.a tahun 2011
jukran sismintir, nomor 162.a tahun 2011
 
Fire Department Of New York City
Fire Department Of New York CityFire Department Of New York City
Fire Department Of New York City
 
Effective use of communication tools
Effective use of communication toolsEffective use of communication tools
Effective use of communication tools
 
Visalus Home Presentation
Visalus Home PresentationVisalus Home Presentation
Visalus Home Presentation
 
my presentation
my presentationmy presentation
my presentation
 

Similar a Cyber security of power grid

ICS Supply Chain Security: Learning from Recent Incidents and Other Sectors
ICS Supply Chain Security: Learning from Recent Incidents and Other SectorsICS Supply Chain Security: Learning from Recent Incidents and Other Sectors
ICS Supply Chain Security: Learning from Recent Incidents and Other Sectors
EnergySec
 
AEE Cybersecurity for the IOT in Facility Energy Distribution Slides
AEE Cybersecurity for the IOT in Facility Energy Distribution SlidesAEE Cybersecurity for the IOT in Facility Energy Distribution Slides
AEE Cybersecurity for the IOT in Facility Energy Distribution Slides
Andy Taylor
 
Creating a Reliable and Secure Advanced Distribution Management System
Creating a Reliable and Secure Advanced Distribution Management SystemCreating a Reliable and Secure Advanced Distribution Management System
Creating a Reliable and Secure Advanced Distribution Management System
Schneider Electric
 
Cyber Security in Substation Automation (IEC 61850)
Cyber Security in Substation Automation (IEC 61850)Cyber Security in Substation Automation (IEC 61850)
Cyber Security in Substation Automation (IEC 61850)
Nikandrov Maxim
 
Critical Information Infrastructure Systems Worldwide
Critical Information Infrastructure Systems WorldwideCritical Information Infrastructure Systems Worldwide
Critical Information Infrastructure Systems Worldwide
Angela Hays
 

Similar a Cyber security of power grid (20)

8.3_TMSC Overview_Bozada_EPRI/SNL Microgrid Symposium
8.3_TMSC Overview_Bozada_EPRI/SNL Microgrid Symposium8.3_TMSC Overview_Bozada_EPRI/SNL Microgrid Symposium
8.3_TMSC Overview_Bozada_EPRI/SNL Microgrid Symposium
 
ICS Supply Chain Security: Learning from Recent Incidents and Other Sectors
ICS Supply Chain Security: Learning from Recent Incidents and Other SectorsICS Supply Chain Security: Learning from Recent Incidents and Other Sectors
ICS Supply Chain Security: Learning from Recent Incidents and Other Sectors
 
CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...
CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...
CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...
 
AEE Cybersecurity for the IOT in Facility Energy Distribution Slides
AEE Cybersecurity for the IOT in Facility Energy Distribution SlidesAEE Cybersecurity for the IOT in Facility Energy Distribution Slides
AEE Cybersecurity for the IOT in Facility Energy Distribution Slides
 
Standards based security for energy utilities
Standards based security for energy utilitiesStandards based security for energy utilities
Standards based security for energy utilities
 
Security of the Electric Grid: It's more than just NERC CIP
Security of the Electric Grid: It's more than just NERC CIPSecurity of the Electric Grid: It's more than just NERC CIP
Security of the Electric Grid: It's more than just NERC CIP
 
Microgrid Testbed at a Glance
Microgrid Testbed at a GlanceMicrogrid Testbed at a Glance
Microgrid Testbed at a Glance
 
T063500000200201 ppte
T063500000200201 ppteT063500000200201 ppte
T063500000200201 ppte
 
Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...
Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...
Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...
 
IoT Security Assessment - IEEE PAR Proposal
IoT Security Assessment - IEEE PAR ProposalIoT Security Assessment - IEEE PAR Proposal
IoT Security Assessment - IEEE PAR Proposal
 
Creating a Reliable and Secure Advanced Distribution Management System
Creating a Reliable and Secure Advanced Distribution Management SystemCreating a Reliable and Secure Advanced Distribution Management System
Creating a Reliable and Secure Advanced Distribution Management System
 
Cyber Security in Substation Automation (IEC 61850)
Cyber Security in Substation Automation (IEC 61850)Cyber Security in Substation Automation (IEC 61850)
Cyber Security in Substation Automation (IEC 61850)
 
SMi Group's 4th annual European Smart Grid Cyber and SCADA Security conferenc...
SMi Group's 4th annual European Smart Grid Cyber and SCADA Security conferenc...SMi Group's 4th annual European Smart Grid Cyber and SCADA Security conferenc...
SMi Group's 4th annual European Smart Grid Cyber and SCADA Security conferenc...
 
European smart grid cyber and scada security
European smart grid cyber and scada securityEuropean smart grid cyber and scada security
European smart grid cyber and scada security
 
CLASS 2018 - Palestra de Julio Oliveira (Gerente de Tecnologia, Power Grids G...
CLASS 2018 - Palestra de Julio Oliveira (Gerente de Tecnologia, Power Grids G...CLASS 2018 - Palestra de Julio Oliveira (Gerente de Tecnologia, Power Grids G...
CLASS 2018 - Palestra de Julio Oliveira (Gerente de Tecnologia, Power Grids G...
 
10. industrial networks safety and security tom hammond
10. industrial networks safety and security tom hammond10. industrial networks safety and security tom hammond
10. industrial networks safety and security tom hammond
 
3.3_Cyber Security R&D for Microgrids_Stamp_EPRI/SNL Microgrid
3.3_Cyber Security R&D for Microgrids_Stamp_EPRI/SNL Microgrid3.3_Cyber Security R&D for Microgrids_Stamp_EPRI/SNL Microgrid
3.3_Cyber Security R&D for Microgrids_Stamp_EPRI/SNL Microgrid
 
Critical Information Infrastructure Systems Worldwide
Critical Information Infrastructure Systems WorldwideCritical Information Infrastructure Systems Worldwide
Critical Information Infrastructure Systems Worldwide
 
Dr Dev Kambhampati | Electric Utilities Situational Awareness
Dr Dev Kambhampati | Electric Utilities Situational AwarenessDr Dev Kambhampati | Electric Utilities Situational Awareness
Dr Dev Kambhampati | Electric Utilities Situational Awareness
 
NIST Guide- Situational Awareness for Electric Utilities
NIST Guide- Situational Awareness for Electric UtilitiesNIST Guide- Situational Awareness for Electric Utilities
NIST Guide- Situational Awareness for Electric Utilities
 

Más de P K Agarwal

Managing Power System
Managing Power SystemManaging Power System
Managing Power System
P K Agarwal
 
Electric energy scientific development, main source and consumers
Electric energy scientific development, main source and consumersElectric energy scientific development, main source and consumers
Electric energy scientific development, main source and consumers
P K Agarwal
 
Paradigm Shift In Power System Scada
Paradigm Shift In Power System ScadaParadigm Shift In Power System Scada
Paradigm Shift In Power System Scada
P K Agarwal
 

Más de P K Agarwal (7)

Cybersecurityinpowersector 181124194055
Cybersecurityinpowersector 181124194055Cybersecurityinpowersector 181124194055
Cybersecurityinpowersector 181124194055
 
Operational Aspects of Real Time Market in India
Operational Aspects of Real Time Market in IndiaOperational Aspects of Real Time Market in India
Operational Aspects of Real Time Market in India
 
Managing Power System
Managing Power SystemManaging Power System
Managing Power System
 
Electric energy scientific development, main source and consumers
Electric energy scientific development, main source and consumersElectric energy scientific development, main source and consumers
Electric energy scientific development, main source and consumers
 
Transforming Managers A learning Agenda
Transforming Managers A learning AgendaTransforming Managers A learning Agenda
Transforming Managers A learning Agenda
 
Paradigm Shift In Power System Scada
Paradigm Shift In Power System ScadaParadigm Shift In Power System Scada
Paradigm Shift In Power System Scada
 
Power Quality
Power QualityPower Quality
Power Quality
 

Último

Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
Enterprise Knowledge
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
Delhi Call girls
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
Delhi Call girls
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
Malak Abu Hammad
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
giselly40
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
Delhi Call girls
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 

Último (20)

Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 

Cyber security of power grid

  • 1. CYBER SECURITY of POWER GRID P.K.Agarwal, Addtional General Manager, Power System Operation Corporation
  • 3. Convergence of Information Technology and Operation Technology. 22-Feb-2012 3 Enterprise Systems Web Applications Control Systems Protection Systems Information Technology Operations Technology AMI DSM OMS GIS Smart Grid Technology Concerns of Cyber Security
  • 4. -: Need of Data Sharing :- -: Increased use of digital information :- -: Two way flow of information for Power Grid :- 22-Feb-2012 4 Markets Generation Transmission Distribution Customer Service Providers Flow of Electricity Flow of Information
  • 5. Concerns with regard to security of power grid solutions. Existing standards for system security under a smart grid environment for System Operator. Challenges of integrating new technologies with legacy systems. Roadmap for technology adoption required for network security in smart grid environment. 22-Feb-2012 5 Agenda
  • 6. Concerns with regard to security of power grid solutions. 22-Feb-2012 6
  • 7. Cyber Security in Power Grid 22-Feb-2012 7 ThreatsRequirements Confidentiality Integrity Availability Non- Repudiation Unauthorised access to Infomation Unauthorised Modification or Theft of Infomation Denial of Service or Prevention of Authorised Access Accountability: Denial of Action That took place, or claim of Action that did not take place
  • 8. Concerns • Current power grid depends on complex network of computers, software and communication technologies. • If compromised, have the potential to cause great damages. • A cyber attack has the unique in nature that it can be launched through – public network – from a remote location – Form any where in the world. – Coordinated to attack many locations 22-Feb-2012 8
  • 9. More Concerns • The legacy communication method used for grid operations also provide potential cyber attack paths. • Many cyber vulnerabilities in Supervisory Control and Data Acquisition (SCADA) System have been surfaced. • Level of automation in substations is increasing, which can lead more cyber security issues. • Recent study have shown that the deployed components have significant cyber vulnerabilities.22-Feb-2012 9
  • 10. Still More Concerns • Efforts of energy sector to uncover system vulnerabilities develop effective countermeasures have prevented serious damages to electric supply chain. • Some of these vulnerabilities are in the process of being mitigated. • However, attack on energy control systems have been successful in many cases. 22-Feb-2012 10
  • 11. Existing standards for system security under a smart grid environment for system operators. 22-Feb-2012 11
  • 12. Standards and Framework • ISO/IEC 27001- Information Security Management System. • NERC-CIP Standards - Critical Infrastructure Protection Standard. • NIST IR 7628 – Guidelines for Smart Grid Cyber Security. • IEC 62351 Series Security Standards Standards 22-Feb-2012 12
  • 13. ISO/IEC 27001 - ISMS • Information Security Management System Standard. • Published by International Organization for Standards and International Electro technical Commission. • Information technology -- Security techniques -- Information security management systems -- Requirements. • Formally specifies a management system that is intended to bring information security under explicit management control.22-Feb-2012 13
  • 14. NERC – CIP Standards • Critical infrastructure protection (CIP) is a concept by North American Reliability Corporation (NERC). • Efforts to improve physical and cyber security for the bulk power system of North America. • include standards development, compliance enforcement, assessments of risk and preparedness • provide a cyber security framework for the identification and protection of Critical Cyber Assets to support reliable operation of the Bulk22-Feb-2012 14
  • 15. CIP-001 Sabotage Reporting CIP-002 Critical Cyber Asset Identification CIP-003 Security Management Controls CIP-004 Personnel & Training CIP-005 Electronic Security Perimeter(s) CIP-006 Physical Security of Critical Cyber Assets CIP-007 Systems Security Management CIP-008 Incident Reporting and Response Planning CIP-009 Recovery Plans for Critical Cyber Assets 22-Feb-2012 15 NERC – CIP Standards Series
  • 16. NIST IR-7628 Guidelines for Smart Grid Cyber Security. • Advisory guidelines – neither prescriptive nor mandatory • Intended to facilitate efforts to develop:- – A cyber Security Strategy – Effectively focused on • Prevention • Detection • Response and • Recovery 22-Feb-2012 16
  • 17. NIST IR-7628 Guideline The three-volume reports of Guidelines for Smart Grid Cyber Security are:- • Volume 1 - Smart Grid Cyber Security Strategy, Architecture, and High-Level Requirements • Volume 2 - Privacy and the Smart Grid • Volume 3 - Supportive Analyses and References Freely available at http://csrc.nist.gov/publications/nistir 22-Feb-2012 17
  • 18. IEC-62351 Standards • Communication protocols are one of the most critical parts of power system operations. • Communication protocols developed by TR 57 are:- – IEC 60870-5 – 101, 102, 103, 104 – IEC 60870-6 – TASE.2 – IEC 61850 • These were very specialized, rely on “Security by Obscenity” – now no longer valid. 22-Feb-2012 18
  • 19. IEC-62351 Standards Series • Series provides provides a frame work for security of existing power system protocols:- – IEC 62351-1 : Introduction and overview – IEC 62351-2 : Glossary of Terms – IEC 62351-3 : Profiles including TCP/IP – IEC 62351-4 : Profiles including MMS – IEC 62351-5 : Security for IEC 60870-5 & derivatives – IEC 62351-6 : Security for 61850 Profiles – IEC 62351-7 : Management Information Base Requirements for End-to-End Network Management 22-Feb-2012 19
  • 20. Correlation between IEC 62351 and Power System Protocols 22-Feb-2012 20 IEC 62351-1 : Introduction IEC 62351-2 : Glossary IEC 62351-3 : Profiles Including TCP/IP IEC 62351-4 : Profiles Including MMS IEC 62351-5 : IEC 60870-5 & Derivatives IEC 62351-6 : IEC 61850 IEC 60870-6 TASE.2 IEC62351-7:MIBfor NetworkandSystem Management IEC 61850-8-1 MMS Profiles IEC 60870-5-104 TCP/IP IEC 60870-5-101, 102 and 103 IEC 61850-8-1 GOOSE Profiles IEC 61850-9-2 Profiles Source – IEC 62351- 1 IEC 60870-6 TASE.2
  • 21. Challenges of integrating new technologies with legacy systems. 22-Feb-2012 21
  • 22. Legacy System – Silos of Information 22-Feb-2012 22 TOP1 – Operational Information DIST1 - Operational Information DISTx – Operational Information GEN1 - Operational Information GENx - Operational Information TOPx – Operational Information
  • 23. Smart System – Sharing of Information 22-Feb-2012 23 Transmission Distribution CustomersGeneration AMI DSM System Operations System Operations
  • 24. Challenges in Integrating 22-Feb-2012 24 Increasing Number Of Systems and Size of Code Base Control Systems Not Designed with Security in Mind Increasing Use of COTS Hardware and Software New Customer Touch Points into Utilities New 2-Way Systems (e.g. AMI, DSM) Increasing Interconnection and Integration Increased Attack Surface Increased Risk to Operations
  • 25. Some Solutions • Air gap between legacy and new system. – Sharing of information through batch transfer. – Not possible in real tim emode. • Publish/Subscribe technology between legacy system and new system. – Information can only be shared if the source system publishes it. • Use of Data-diode technolgy. 22-Feb-2012 25
  • 26. Challenges of integrating new technologies with legacy systems. 22-Feb-2012 26
  • 27. Barriers • Cyber threats are unpredictable and evolve faster than the sector’s ability to develop and deploy countermeasures • Security upgrades to legacy systems are limited by inherent limitations of the equipment and architectures • Threat, vulnerability, incident, and mitigation information sharing is insufficient among government and industry • Weak business case for cyber security investment by industry 22-Feb-2012 27
  • 28. Strategies • Build a culture of security. • Access and Monitor Risks. • Develop and Implement New Protective Measures to reduce Risks. • Manage Incidence. • Sustain Security Improvements. 22-Feb-2012 28
  • 29. Road Map for Security of Smart Grid • Information Security Management System have been adopted by each regional load dispatch center. • Each RLDC has been certified by International Certifying Body (BSI) for ISO 27001:2005. • SCADA system up gradation is being done with:- – Adoption of IEC 62351 security standards. – Secure connection between SCADA network and Enterprise network for cyber security. – Access control for physical security. 22-Feb-2012 29